CompTIA SecurityX (CAS-005) — Question 65

A security engineer needs to ensure production containers are automatically scanned for vulnerabilities before they are accepted into the production environment. Which of the following should the engineer use to automatically incorporate vulnerability scanning on every commit?

Answer options

Correct answer: C

Explanation

The correct answer is C: an integrated development environment (IDE) can be configured to run vulnerability scans on code before it is committed. Of the other options, a code repository (A) stores the code, a CI/CD pipeline (B) automates testing and deployment, and a container orchestrator (D) manages container deployment but does not inherently handle vulnerability scanning.